Improve error messages for 403 permission errors #28
Description
Problem
When a user lacks permissions for an operation, the Bitbucket API returns generic error messages that don't match the actual problem:
$ bb repo create --workspace hudle --name test
✗ failed to create repository: API error 403: You do not have access to view this workspace.The user clearly CAN view the workspace (since bb repo list works), but they can't CREATE repositories. The error message is misleading.
Expected Behavior
Provide context-aware error messages that explain the actual permission issue:
$ bb repo create --workspace hudle --name test
✗ You don't have permission to create repositories in workspace 'hudle'.
Your role: member (requires contributor or admin)
Contact a workspace admin to request elevated access.Solution
Add operation-specific error handling for 403 responses in write commands:
- Check if the error is an
*api.APIErrorwithStatusCode == 403 - If so, return a helpful message that includes:
- What operation was attempted
- The workspace/resource involved
- Suggestion for resolution (contact admin, check permissions, etc.)
Files to Update
| File | Operation | Better Error Message |
|---|---|---|
repo/create.go |
create repo | "You don't have permission to create repositories in workspace 'X'" |
repo/delete.go |
delete repo | "You don't have permission to delete this repository" |
repo/fork.go |
fork repo | "You don't have permission to fork to workspace 'X'" |
project/create.go |
create project | "You don't have permission to create projects in workspace 'X'" |
snippet/create.go |
create snippet | "You don't have permission to create snippets in workspace 'X'" |
snippet/edit.go |
edit snippet | "You don't have permission to edit this snippet" |
snippet/delete.go |
delete snippet | "You don't have permission to delete this snippet" |
Implementation Options
Option A: Inline error handling (simpler)
Handle 403 errors directly in each command's run function.
Option B: Centralized helper (DRY)
Create cmdutil.FormatAPIError(err, operation, resource) that provides context-aware messages.
Additional Improvements
Consider also handling:
- 401: "Authentication failed. Run 'bb auth login' to re-authenticate"
- 429: "Rate limited. Please wait and try again"